[Infowarrior] - CSAF memo ref: cyberspace operations

Richard Forno rforno at infowarrior.org
Thu May 28 11:22:58 UTC 2009 

From: CSAF <xxxxxxx at xxxxx.af.mil>
Sent: Wed May 27 14:42:46 2009
Subject: Cyberspace Operations Culture Change

Fellow Airmen,

In executing our Air Force mission of fly, fight and win, our Airmen,  
civilians and contractors, knowingly or unknowingly, engage daily on  
the cyber battlefield.  Computers and personal electronic devices  
connected to our networks can simultaneously be powerful tools and  
critical vulnerabilities. At times, our networks have been compromised  
by multiple means:  Malware hidden in emails, virus-corrupted thumb  
drives, and media moved incorrectly between networks. We can prevent  
these events with due consideration and proper procedures, but in the  
past, we've regarded network protection and security as the "comm  
guy's job," and as a user inconvenience. This must no longer be the  
case.

Today, we forge a long overdue Air Force cultural change. Cyber  
operations reinforce and enable everything we do - from administrative  
functions to combat operations - and we must treat our computers and  
networks similarly to our aircraft, satellites and missiles. To this  
end, operations and maintenance will follow standards governed by a  
tight system of regulations and technical orders. Compliance with time  
critical software updates will gain new emphasis and commanders will  
be held accountable. Command and control relationships will be revised  
to correctly align authorities and responsibilities.  MAJCOMs and  
subordinate commanders will no longer "own" networks, but will be  
responsible for their portion of the larger Air Force Global  
Information Grid (AF-GIG).  Air Force Space Command will champion our  
cyber force development and operations.

I have signed a directive memo making an unequivocal statement about  
the importance of compliance with network related technical orders.  
This guidance will improve safety and efficiency on the AF-GIG and  
provide commanders a clear enforcement/disciplinary mechanism. MTOs,  
NTOs, and CCOs issued by the AFNETOPS/CC now have the same authority  
as aircraft maintenance technical orders and lawful general orders. I  
expect this change will increase compliance with network technical  
orders across the AF.

As Airmen, civilians and contractors, you must understand your  
responsibility in this cultural change. Each time you use a networked  
device, you are on patrol for our Nation. You must be alert for and  
report suspicious emails, websites and suspicious attachments.   
Mission needs may require you to "sneaker-net" information, but you  
must follow safe and approved procedures for moving critical data. You  
must not upload data from personal devices for any reason.  While  
training programs communicate information on network security, we  
depend on you to execute responsibly. When irresponsible acts occur, I  
expect commanders to enforce our standards.

This change is not easy, but compliance enables us to defend our  
networks - paramount in the face of increasing threats.  Networks are  
a shared resource and a risk assumed by one is a risk exposed to all.  
Our Air Force must move to a system of tight network control, personal  
responsibility, and accountability as we execute our global mission on  
behalf of our Nation.


NORTON A. SCHWARTZ
General, USAF
Chief of Staff

More information about the Infowarrior mailing list